1.9
CVE-2010-2803
- EPSS 0.47%
- Veröffentlicht 08.09.2010 20:00:02
- Zuletzt bearbeitet 16.06.2026 23:21:32
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 2.6.27.53
Linux ≫ Linux Kernel Version >= 2.6.32 < 2.6.32.21
Linux ≫ Linux Kernel Version >= 2.6.34 < 2.6.34.6
Linux ≫ Linux Kernel Version >= 2.6.35 < 2.6.35.4
Debian ≫ Debian Linux Version5.0
Suse ≫ Linux Enterprise Desktop Version11 Updatesp1
Suse ≫ Linux Enterprise High Availability Extension Version11 Updatesp1
Suse ≫ Linux Enterprise Real Time Version11 Updatesp1
Suse ≫ Linux Enterprise Server Version11 Updatesp1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.47% | 0.368 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 1.9 | 3.4 | 2.9 |
AV:L/AC:M/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
http://www.debian.org/security/2010/dsa-2094
http://www.vupen.com/english/advisories/2011/0298
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html
http://secunia.com/advisories/41512
http://www.vupen.com/english/advisories/2010/2430
http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git%3Ba=commit%3Bh=1b2f1489633888d4a06028315dc19d65768a1c05
http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git%3Ba=commit%3Bh=b9f0aee83335db1f3915f4e42a5e21b351740afd
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9f0aee83335db1f3915f4e42a5e21b351740afd
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4
http://www.redhat.com/support/errata/RHSA-2010-0842.html
https://bugzilla.redhat.com/show_bug.cgi?id=621435